feat: split claims into 2

2025-06-07 19:17:29 +02:00
parent 570ae6ac8c
commit 4b496ea9bd
1 changed files with 15 additions and 2 deletions
--- a/internal/types/claims.go
+++ b/internal/types/claims.go
@ -8,13 +8,26 @@ type UserClaims struct {
 	jwt.RegisteredClaims
 }

-type ApiClaims struct {
+type IdTokenClaims struct {
 	Email         string   `json:"email"`
 	EmailVerified bool     `json:"email_verified"`
 	Name          string   `json:"name"`
 	Picture       *string  `json:"picture"`
-	Nonce         string   `json:"nonce"`
+	Nonce         *string  `json:"nonce"`
 	Roles         []string `json:"roles"`
 	// TODO: add given_name, family_name, locale...
 	jwt.RegisteredClaims
 }
+
+type ApiClaims struct {
+	// FIXME: correct permissions
+	Permissions []string `json:"permissions"`
+	jwt.RegisteredClaims
+	// Subject = ClientID
+}
+
+type ApiRefreshClaims struct {
+	UserID string `json:"user_id"`
+	jwt.RegisteredClaims
+	// Subject = ClientID
+}